Netiq » Edirectory : Security Vulnerabilities, CVEs,
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
Max CVSS
9.8
EPSS Score
0.30%
Published
2018-03-02
Updated
2021-04-13
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
Max CVSS
8.8
EPSS Score
0.16%
Published
2018-03-02
Updated
2021-04-13
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Max CVSS
7.5
EPSS Score
0.84%
Published
2017-04-27
Updated
2019-10-03
Addresses denial of service attack to eDirectory versions prior to 9.1.
Max CVSS
7.5
EPSS Score
0.13%
Published
2018-03-21
Updated
2019-10-09
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
Max CVSS
7.5
EPSS Score
0.08%
Published
2018-07-10
Updated
2019-10-09
5 vulnerabilities found